Information security – Access control or authentication – Network
Reexamination Certificate
2005-04-18
2011-11-15
Pyzocha, Michael (Department: 2437)
Information security
Access control or authentication
Network
C726S004000, C713S151000, C713S156000, C713S158000, C713S175000, C713S182000, C713S187000, C713S188000, C709S229000
Reexamination Certificate
active
08060924
ABSTRACT:
A system and method for controlling the execution of executable files. The executables are identified by either a cryptographic digest or a digital certificate. The crytographic digest is computed from the binary image of the executable. An executable that is attempting to execute is intercepted by a protection module that consults a database of stored rules over a secure channel to determine whether or not the executable can be identified as a permitted executable and whether or not it has permission to execute on a particular computer system under certain specified conditions. If a stored permission is available, it is used to control the execution. Otherwise, the user is consulted for permission.
REFERENCES:
patent: 5794049 (1998-08-01), Lindholm
patent: 5826088 (1998-10-01), Sitbon et al.
patent: 5854930 (1998-12-01), McLain et al.
patent: 5923878 (1999-07-01), Marsland
patent: 6038394 (2000-03-01), Layes et al.
patent: 6094528 (2000-07-01), Jordan
patent: 6141793 (2000-10-01), Bryant et al.
patent: 6367012 (2002-04-01), Atkinson et al.
patent: 6473893 (2002-10-01), Kay et al.
patent: 6721941 (2004-04-01), Morshed et al.
patent: 6766454 (2004-07-01), Riggins
patent: 6941470 (2005-09-01), Jooste
patent: 6996814 (2006-02-01), Bak
patent: 7454508 (2008-11-01), Mathew et al.
patent: 7500108 (2009-03-01), Johnson et al.
patent: 2001/0051930 (2001-12-01), Nakamura
patent: 2002/0091186 (2002-07-01), Auerbach
patent: 2002/0099952 (2002-07-01), Lambert et al.
patent: 2003/0070083 (2003-04-01), Nessler
patent: 2003/0204842 (2003-10-01), Chenelle et al.
patent: 2005/0223239 (2005-10-01), Dotan
patent: 2404262 (2005-01-01), None
patent: WO98/50843 (1998-11-01), None
patent: WO 98/50843 (1998-11-01), None
patent: WO01/98876 (2001-12-01), None
patent: WO 01/98876 (2001-12-01), None
patent: WO2005/099342 (2005-10-01), None
Reiner Kraft, “Designing a distributed access control processor for network services on the Web”, Nov. 2002, XMLSEC '02: Proceedings of the 2002 ACM workshop on XML security, Publisher: ACM, pp. 36-52.
Hawkins, W.,LIMP: An Interpreted Programming Language for Students, Professors and Programmers, Consortium for Computing Sciences in Colleges: Southeastern Conference, JCSC, vol. 19, No. 3, pp. 96-109 (Jan. 2004).
Karinthi, et al.,Incremental Re-Execution of Programs, ACM, pp. 38-44 (1987).
Kc, et al.,Countering Code-Injection Attacks With Instruction-Set Randomization, ACM, pp. 272-280 (2003).
Milanés, et al.,Managing Jobs With an Interpreted Language for Dynamic Adaptation, ACM, pp. 1-6 (2005).
International Search Report and Written Opinion in related PCT application PCT/IB05/002335, pp. 1-10 (Feb. 8, 2006).
Written Opinion of the International Searching Authority in related PCT application PCT/IB05/002755, pp. 1-5 (Feb. 23, 2006).
Written Opinion of the International Searching Authority in related PCT application PCT/IB05/001623, pp. 1-6 (Oct. 25, 2006).
Fields Courtney D
Greeberg Traurig, LLP
Lumension Security, Inc.
Pyzocha Michael
LandOfFree
On-line centralized and local authorization of executable files does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with On-line centralized and local authorization of executable files, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and On-line centralized and local authorization of executable files will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4283418